package org.java.gateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsConfigurationSource;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
import org.springframework.web.server.WebFilter;

import java.util.Arrays;
import java.util.List;
@Configuration
public class CorsConfig {

    @Bean
    CorsConfigurationSource corsConfigurationSource(){
        CorsConfiguration configuration = new CorsConfiguration();
        // 允许跟哪个域名共享访问，*表示所有域名
        configuration.setAllowedOrigins(Arrays.asList("*"));
        // 哪些方式的请求可以共享访问
        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "OPTIONS"));
        // 如果配置了*作为跨站域名，并且AllowCredentials为true，那么会自动把*改为当前的Origin
        configuration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        // 哪些URL要考虑跨源访问
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }
}
//@Configuration
//public class CorsConfig {
//    // 激活跨域访问
//    @Bean
//    @Order(Ordered.HIGHEST_PRECEDENCE)
//    WebFilter corsWebFilterChain() {
//        // Access-Control-Allow-Origin
//        // Access-Control-Allow-Credentials
//        // Access-Control-Allow-Methods
//        // Access-Control-Max-Age
//        // Access-Control-Allow-Headers
//        WebFilter filter = (exchange, chain) -> {
//            // 允许任意源跨域访问
//            exchange.getResponse()
//                    .getHeaders()
//                    // 哪些源可以跨域访问网关
//                    // 比如 127.0.0.1:8080
//                    // 比如 *.fkjava.org
//                    .setAccessControlAllowOrigin("*");
//            // 在响应头里面加上允许跨域访问的响应头
//            exchange.getResponse()
//                    .getHeaders()
//                    .setAccessControlAllowCredentials(true);
//            // 运行哪些类型的请求跨域访问
//            exchange.getResponse()
//                    .getHeaders()
//                    .setAccessControlAllowMethods(
//                            List.of(
//                                    HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE,
//                                    HttpMethod.PUT, HttpMethod.OPTIONS, HttpMethod.TRACE, HttpMethod.PATCH,
//                                    HttpMethod.HEAD
//                            ));
//            // 跨域请求的最长时间
//            exchange.getResponse()
//                    .getHeaders()
//                    .setAccessControlMaxAge(3600);
//            // 有哪些请求头的时候，允许跨域
//            exchange.getResponse()
//                    .getHeaders()
//                    .setAccessControlAllowHeaders(
//                            List.of(
//                                    "Origin",
//                                    "X-Requested-With",
//                                    "Content-Type",
//                                    "Accept"
//                            )
//                    );
//            return chain.filter(exchange);
//        };
//        return filter;
//    }
//}
